SMTP, also known as Simple Mail Transfer Protocol is an Internet standard that’s a communication protocol for email transmission.
This protocol is used by mail servers and other message transfer agents (MTAs) to send and receive mail messages. SMTP servers commonly use the Transmission Control Protocol (TCP) on port number 25.
User-level email clients usually use SMTP communication exclusively for sending messages to a mail server for relaying. Outgoing email to the mail server is usually secured via TLS on port 587 or SSL on port 465 per RFC 8314 standard.
For retrieving messages, IMAP and POP3 are typically used except for proprietary servers which might often implement proprietary protocols such as Ms. Exchange ActiveSync.
SMTP Communication Protocol Background
SMTP was first defined in 1982 as a delivery protocol only and updated in 2008 with extensions.
Extended SMTP (ESMTP), Also referred to as Enhanced SMTP, is a definition of protocol extensions to the Simple Mail Transfer Protocol (SMTP) standard that was defined in November 1995 in IETF publication. This defines the general structure for all existing and future extensions.
ESMTP defines consistent and manageable means by which ESMTP clients and servers can be identified and servers can indicate supported extensions.
- SMTP Authentication (SMTP-AUTH): This extension provides an access control mechanism for a client to log in using any authentication mechanism supported by the server.
- STARTTLS (Opportunistic TLS): This enables a server to tell a client that it supports encrypted communications and the client to request an upgrade to a secure channel.
- SMTP MTA Strict Transport Security: aims to address the problem of an active adversary by defining a protocol for mail servers to declare their ability to use secure channels in specific files on the server and specific DNS TXT records.
- SMTP TLS Reporting: describes a reporting mechanism and format for sharing statistics and specific information about potential failures with recipient domains.